[PATCH v1] cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
Sudeep Holla
sudeep.holla at arm.com
Mon Apr 7 04:30:57 PDT 2025
On Sat, Apr 05, 2025 at 01:54:47PM +0800, Henry Martin wrote:
> cpufreq_cpu_get_raw() can return NULL when the target CPU is not present
> in the policy->cpus mask. scmi_cpufreq_get_rate() does not check for
> this case, which results in a NULL pointer dereference.
>
> Add NULL check after cpufreq_cpu_get_raw() to prevent this issue.
>
> Fixes: 99d6bdf33877 ("cpufreq: add support for CPU DVFS based on SCMI message protocol")
> Signed-off-by: Henry Martin <bsdhenrymartin at gmail.com>
> ---
> drivers/cpufreq/scmi-cpufreq.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/cpufreq/scmi-cpufreq.c b/drivers/cpufreq/scmi-cpufreq.c
> index c310aeebc8f3..c735f39245bf 100644
> --- a/drivers/cpufreq/scmi-cpufreq.c
> +++ b/drivers/cpufreq/scmi-cpufreq.c
> @@ -37,11 +37,17 @@ static struct cpufreq_driver scmi_cpufreq_driver;
>
> static unsigned int scmi_cpufreq_get_rate(unsigned int cpu)
> {
> - struct cpufreq_policy *policy = cpufreq_cpu_get_raw(cpu);
> - struct scmi_data *priv = policy->driver_data;
> + struct cpufreq_policy *policy;
> + struct scmi_data *priv;
> unsigned long rate;
> int ret;
>
> + policy = cpufreq_cpu_get_raw(cpu);
> + if (!policy)
How about `if (unlikely(!policy))` instead ?
With that you can add :
Reviewed-by: Sudeep Holla <sudeep.holla at arm.com>
Both comment and review applies for scpi-cpufreq.c
--
Regards,
Sudeep
More information about the linux-arm-kernel
mailing list